1

I am using Asp.net MVC 5.1.1 and facing this weird issue. Whenever I deploy my web app to test server( having IIS 8.5) current sessions become expired(which is obvious) and then they redirects to account/login instead of account/logon. Normal log off or fresh page hit correctly takes the user to account/logon(and this is what I have set in my configuration). But after session expiration, it shows this weird behavior. I checked and there is no reference to webmatrix.dll. Even this issue has not helped. Please advice whats wrong. Thanks

EDIT 1:

<authentication mode="Forms">
    <forms loginUrl="~/Account/Logon" timeout="2880" />
 </authentication>
Community
  • 1
  • 1
ZafarYousafi
  • 8,640
  • 5
  • 33
  • 39
  • Can you add the content of `` tag in your web.config? – ekad Sep 22 '14 at 07:35
  • – ZafarYousafi Sep 22 '14 at 07:49
  • That's weird, try searching "login" or "account/login" in current project with "Match whole word" option ticked. If there's no reference of "login" or "account/login" url anywhere in your project, maybe the setting is in IIS. – ekad Sep 22 '14 at 07:57
  • I've already checked this and found no clue. Yup its weird and it is showing this behavior even in local iis. So may be some default settings in iis but don't know what settings and how to change them – ZafarYousafi Sep 22 '14 at 08:01
  • can it be default .config file on iis? – Shukhrat Raimov Sep 22 '14 at 10:58
  • Are you absolutely sure you're using FormsAuthentication with MVC 5.1.1 and not ASP.NET Identity Authentication? Because if you are using Identity auth, then it can easily get confused if you have mistakenly re-enabled forms auth. – Erik Funkenbusch Dec 30 '14 at 20:32

2 Answers2

1

I had the same issue, you should check your StartupAuth.cs

This is the answer which helped me a lot: http://coding.abel.nu/2014/11/using-owin-external-login-without-asp-net-identity/

Also this add of this entry helped: https://stackoverflow.com/a/6081661/79379

For future reference I will include relevant code here:

<add key="loginUrl" value="~/Account/LogOn" />

public partial class Startup
{
  private void ConfigureAuth(IAppBuilder app)
  {
    var cookieOptions = new CookieAuthenticationOptions
      {
        LoginPath = new PathString("/Account/Login")
      };

    app.UseCookieAuthentication(cookieOptions);
  }
}
Community
  • 1
  • 1
radu florescu
  • 4,315
  • 10
  • 60
  • 92
-1

As far as I am aware, MVC 5 comes with the new OWIN/ASP.NET Identity authentication bits. In the web.config on a new MVC 5 project, I actually note that the FormsAuthenticationModule is disabled

  <system.webServer>
    <modules>
      <remove name="FormsAuthenticationModule" />
    </modules>

In addition, there is a new file that is created in the App_Start folder called Startup.Auth.cs. Inside of this file is the definition for the CookieAuthenticationOptions (the new FormsAuthentication name) with a default login path of "/Account/Login"

public void ConfigureAuth(IAppBuilder app)
{
    // Enable the application to use a cookie to store information for the signed in user
    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login")
    });

Try changing that path to the correct path for your application. Or, you could not use the new ASP.NET identity bits and remove the lines in the web.config that remove the FormsAuthenticationModule.

If you are not using or wanting to use the new authentication options, remove the call to the ConfigureAuth() in the Startup.cs file at the root of your application and delete the above lines in the web.config which removes the FormsAuthenticationModule. This should reinstate the expected behavior (again, without knowing how much customization you have done to the default code).

Tommy
  • 39,592
  • 10
  • 90
  • 121